Information Security Policy

1. Information Security Organization

The Company shall establish an information security organization to maintain and improve information security.

2. Management and classification of information assets

The Company classifies all information assets according to the degree of importance and appropriately handles and manages them.

3. Monitoring and Audit

In order to ensure that the management of information assets is properly implemented, the Company regularly conducts internal audits to maintain and continuously improve the level of information security.

4. Education and Training

The Company shall regularly plan and provide all employees with necessary information security education and training according to their duties.

5. Compliance

The Company shall comply with the legal requirements related to information security such as the Companies Act, the Unfair Competition Prevention Act, the Act on the Prohibition of Unauthorized Computer Access, and the Personal Information Protection Act, as well as the guidelines from each ministry and agency. We will also comply with contractual requirements.